admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-07-09 16:05:11 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2024-04-09T18:00:38.323673+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2024-04-09 18:03:27 +00:00
parent d427e66e68
commit e2738ddd14
173 changed files with 8821 additions and 126 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
CVE-2023/CVE-2023-487xx/CVE-2023-48724.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-48724",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2024-04-09T15:15:28.397",
"lastModified": "2024-04-09T15:15:28.397",
"lastModified": "2024-04-09T17:15:31.287",
"vulnStatus": "Received",
"descriptions": [
{
@ -50,10 +50,6 @@
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1864",
"source": "talos-cna@cisco.com"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1864",
"source": "talos-cna@cisco.com"
}
]
}

6
CVE-2023/CVE-2023-490xx/CVE-2023-49074.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-49074",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2024-04-09T15:15:28.800",
"lastModified": "2024-04-09T15:15:28.800",
"lastModified": "2024-04-09T17:15:31.417",
"vulnStatus": "Received",
"descriptions": [
{
@ -50,10 +50,6 @@
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1861",
"source": "talos-cna@cisco.com"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1861",
"source": "talos-cna@cisco.com"
}
]
}

6
CVE-2023/CVE-2023-491xx/CVE-2023-49133.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-49133",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2024-04-09T15:15:29.003",
"lastModified": "2024-04-09T15:15:29.003",
"lastModified": "2024-04-09T17:15:31.510",
"vulnStatus": "Received",
"descriptions": [
{
@ -50,10 +50,6 @@
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1862",
"source": "talos-cna@cisco.com"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1862",
"source": "talos-cna@cisco.com"
}
]
}

6
CVE-2023/CVE-2023-491xx/CVE-2023-49134.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-49134",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2024-04-09T15:15:29.220",
"lastModified": "2024-04-09T15:15:29.220",
"lastModified": "2024-04-09T17:15:31.600",
"vulnStatus": "Received",
"descriptions": [
{
@ -50,10 +50,6 @@
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1862",
"source": "talos-cna@cisco.com"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1862",
"source": "talos-cna@cisco.com"
}
]
}

6
CVE-2023/CVE-2023-499xx/CVE-2023-49906.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-49906",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2024-04-09T15:15:29.433",
"lastModified": "2024-04-09T15:15:29.433",
"lastModified": "2024-04-09T17:15:31.697",
"vulnStatus": "Received",
"descriptions": [
{
@ -50,10 +50,6 @@
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1888",
"source": "talos-cna@cisco.com"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1888",
"source": "talos-cna@cisco.com"
}
]
}

6
CVE-2023/CVE-2023-499xx/CVE-2023-49907.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-49907",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2024-04-09T15:15:29.637",
"lastModified": "2024-04-09T15:15:29.637",
"lastModified": "2024-04-09T17:15:31.783",
"vulnStatus": "Received",
"descriptions": [
{
@ -50,10 +50,6 @@
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1888",
"source": "talos-cna@cisco.com"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1888",
"source": "talos-cna@cisco.com"
}
]
}

6
CVE-2023/CVE-2023-499xx/CVE-2023-49908.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-49908",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2024-04-09T15:15:29.823",
"lastModified": "2024-04-09T15:15:29.823",
"lastModified": "2024-04-09T17:15:31.870",
"vulnStatus": "Received",
"descriptions": [
{
@ -50,10 +50,6 @@
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1888",
"source": "talos-cna@cisco.com"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1888",
"source": "talos-cna@cisco.com"
}
]
}

6
CVE-2023/CVE-2023-499xx/CVE-2023-49909.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-49909",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2024-04-09T15:15:30.013",
"lastModified": "2024-04-09T15:15:30.013",
"lastModified": "2024-04-09T17:15:31.963",
"vulnStatus": "Received",
"descriptions": [
{
@ -50,10 +50,6 @@
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1888",
"source": "talos-cna@cisco.com"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1888",
"source": "talos-cna@cisco.com"
}
]
}

6
CVE-2023/CVE-2023-499xx/CVE-2023-49910.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-49910",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2024-04-09T15:15:30.210",
"lastModified": "2024-04-09T15:15:30.210",
"lastModified": "2024-04-09T17:15:32.053",
"vulnStatus": "Received",
"descriptions": [
{
@ -50,10 +50,6 @@
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1888",
"source": "talos-cna@cisco.com"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1888",
"source": "talos-cna@cisco.com"
}
]
}

6
CVE-2023/CVE-2023-499xx/CVE-2023-49911.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-49911",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2024-04-09T15:15:30.403",
"lastModified": "2024-04-09T15:15:30.403",
"lastModified": "2024-04-09T17:15:32.147",
"vulnStatus": "Received",
"descriptions": [
{
@ -50,10 +50,6 @@
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1888",
"source": "talos-cna@cisco.com"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1888",
"source": "talos-cna@cisco.com"
}
]
}

6
CVE-2023/CVE-2023-499xx/CVE-2023-49912.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-49912",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2024-04-09T15:15:30.593",
"lastModified": "2024-04-09T15:15:30.593",
"lastModified": "2024-04-09T17:15:32.227",
"vulnStatus": "Received",
"descriptions": [
{
@ -50,10 +50,6 @@
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1888",
"source": "talos-cna@cisco.com"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1888",
"source": "talos-cna@cisco.com"
}
]
}

6
CVE-2023/CVE-2023-499xx/CVE-2023-49913.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-49913",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2024-04-09T15:15:30.783",
"lastModified": "2024-04-09T15:15:30.783",
"lastModified": "2024-04-09T17:15:32.320",
"vulnStatus": "Received",
"descriptions": [
{
@ -50,10 +50,6 @@
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1888",
"source": "talos-cna@cisco.com"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1888",
"source": "talos-cna@cisco.com"
}
]
}

55
CVE-2024/CVE-2024-206xx/CVE-2024-20665.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-20665",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-04-09T17:15:32.413",
"lastModified": "2024-04-09T17:15:32.413",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "BitLocker Security Feature Bypass Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "PHYSICAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.2,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-693"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20665",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-206xx/CVE-2024-20669.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-20669",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-04-09T17:15:32.700",
"lastModified": "2024-04-09T17:15:32.700",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Secure Boot Security Feature Bypass Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-693"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20669",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-206xx/CVE-2024-20670.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-20670",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-04-09T17:15:32.907",
"lastModified": "2024-04-09T17:15:32.907",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Outlook for Windows Spoofing Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20670",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-206xx/CVE-2024-20678.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-20678",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-04-09T17:15:33.110",
"lastModified": "2024-04-09T17:15:33.110",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Remote Procedure Call Runtime Remote Code Execution Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-843"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20678",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-206xx/CVE-2024-20685.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-20685",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-04-09T17:15:33.337",
"lastModified": "2024-04-09T17:15:33.337",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Azure Private 5G Core Denial of Service Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-130"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20685",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-206xx/CVE-2024-20688.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-20688",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-04-09T17:15:33.547",
"lastModified": "2024-04-09T17:15:33.547",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Secure Boot Security Feature Bypass Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-121"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20688",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-206xx/CVE-2024-20689.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-20689",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-04-09T17:15:33.750",
"lastModified": "2024-04-09T17:15:33.750",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Secure Boot Security Feature Bypass Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-121"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20689",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-206xx/CVE-2024-20693.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-20693",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-04-09T17:15:33.940",
"lastModified": "2024-04-09T17:15:33.940",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Windows Kernel Elevation of Privilege Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-426"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20693",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-213xx/CVE-2024-21322.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-21322",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-04-09T17:15:34.160",
"lastModified": "2024-04-09T17:15:34.160",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Defender for IoT Remote Code Execution Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-77"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21322",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-213xx/CVE-2024-21323.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-21323",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-04-09T17:15:34.380",
"lastModified": "2024-04-09T17:15:34.380",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Defender for IoT Remote Code Execution Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-36"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21323",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-213xx/CVE-2024-21324.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-21324",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-04-09T17:15:34.607",
"lastModified": "2024-04-09T17:15:34.607",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Defender for IoT Elevation of Privilege Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-269"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21324",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-214xx/CVE-2024-21409.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-21409",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-04-09T17:15:34.803",
"lastModified": "2024-04-09T17:15:34.803",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": ".NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.3,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21409",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-214xx/CVE-2024-21424.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-21424",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-04-09T17:15:35.010",
"lastModified": "2024-04-09T17:15:35.010",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Azure Compute Gallery Elevation of Privilege Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-284"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21424",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-214xx/CVE-2024-21447.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-21447",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-04-09T17:15:35.213",
"lastModified": "2024-04-09T17:15:35.213",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Windows Authentication Elevation of Privilege Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-59"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21447",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-261xx/CVE-2024-26158.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-26158",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-04-09T17:15:35.477",
"lastModified": "2024-04-09T17:15:35.477",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Install Service Elevation of Privilege Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-59"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26158",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-261xx/CVE-2024-26168.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-26168",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-04-09T17:15:35.687",
"lastModified": "2024-04-09T17:15:35.687",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Secure Boot Security Feature Bypass Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "PHYSICAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-122"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26168",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-261xx/CVE-2024-26171.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-26171",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-04-09T17:15:35.910",
"lastModified": "2024-04-09T17:15:35.910",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Secure Boot Security Feature Bypass Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-190"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26171",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-261xx/CVE-2024-26172.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-26172",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-04-09T17:15:36.137",
"lastModified": "2024-04-09T17:15:36.137",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Windows DWM Core Library Information Disclosure Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26172",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-261xx/CVE-2024-26175.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-26175",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-04-09T17:15:36.327",
"lastModified": "2024-04-09T17:15:36.327",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Secure Boot Security Feature Bypass Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26175",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-261xx/CVE-2024-26179.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-26179",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-04-09T17:15:36.543",
"lastModified": "2024-04-09T17:15:36.543",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-122"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26179",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-261xx/CVE-2024-26180.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-26180",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-04-09T17:15:36.747",
"lastModified": "2024-04-09T17:15:36.747",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Secure Boot Security Feature Bypass Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.0,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.1,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-121"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26180",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-261xx/CVE-2024-26183.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-26183",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-04-09T17:15:36.953",
"lastModified": "2024-04-09T17:15:36.953",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Windows Kerberos Denial of Service Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26183",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-261xx/CVE-2024-26189.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-26189",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-04-09T17:15:37.170",
"lastModified": "2024-04-09T17:15:37.170",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Secure Boot Security Feature Bypass Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.0,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.1,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26189",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-261xx/CVE-2024-26193.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-26193",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-04-09T17:15:37.373",
"lastModified": "2024-04-09T17:15:37.373",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Azure Migrate Remote Code Execution Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.5,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-285"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26193",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-261xx/CVE-2024-26194.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-26194",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-04-09T17:15:37.560",
"lastModified": "2024-04-09T17:15:37.560",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Secure Boot Security Feature Bypass Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.4,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-347"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26194",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-261xx/CVE-2024-26195.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-26195",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-04-09T17:15:37.773",
"lastModified": "2024-04-09T17:15:37.773",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "DHCP Server Service Remote Code Execution Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-122"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26195",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-262xx/CVE-2024-26200.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-26200",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-04-09T17:15:37.970",
"lastModified": "2024-04-09T17:15:37.970",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-122"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26200",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-262xx/CVE-2024-26202.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-26202",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-04-09T17:15:38.197",
"lastModified": "2024-04-09T17:15:38.197",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "DHCP Server Service Remote Code Execution Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-122"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26202",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-262xx/CVE-2024-26205.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-26205",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-04-09T17:15:38.397",
"lastModified": "2024-04-09T17:15:38.397",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-122"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26205",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-262xx/CVE-2024-26207.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-26207",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-04-09T17:15:38.593",
"lastModified": "2024-04-09T17:15:38.593",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Windows Remote Access Connection Manager Information Disclosure Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26207",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-262xx/CVE-2024-26208.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-26208",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-04-09T17:15:38.803",
"lastModified": "2024-04-09T17:15:38.803",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-191"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26208",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-262xx/CVE-2024-26209.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-26209",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-04-09T17:15:39.000",
"lastModified": "2024-04-09T17:15:39.000",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-908"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26209",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-262xx/CVE-2024-26210.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-26210",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-04-09T17:15:39.240",
"lastModified": "2024-04-09T17:15:39.240",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Microsoft WDAC OLE DB Provider for SQL Server Remote Code Execution Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-122"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26210",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-262xx/CVE-2024-26211.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-26211",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-04-09T17:15:39.443",
"lastModified": "2024-04-09T17:15:39.443",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Windows Remote Access Connection Manager Elevation of Privilege Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-122"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26211",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-262xx/CVE-2024-26212.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-26212",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-04-09T17:15:39.640",
"lastModified": "2024-04-09T17:15:39.640",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "DHCP Server Service Denial of Service Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-400"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26212",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-262xx/CVE-2024-26213.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-26213",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-04-09T17:15:39.847",
"lastModified": "2024-04-09T17:15:39.847",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Brokering File System Elevation of Privilege Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.0,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-822"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26213",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-262xx/CVE-2024-26214.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-26214",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-04-09T17:15:40.043",
"lastModified": "2024-04-09T17:15:40.043",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Microsoft WDAC SQL Server ODBC Driver Remote Code Execution Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-122"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26214",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-262xx/CVE-2024-26215.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-26215",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-04-09T17:15:40.240",
"lastModified": "2024-04-09T17:15:40.240",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "DHCP Server Service Denial of Service Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-400"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26215",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-262xx/CVE-2024-26216.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-26216",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-04-09T17:15:40.447",
"lastModified": "2024-04-09T17:15:40.447",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Windows File Server Resource Management Service Elevation of Privilege Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.3,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-59"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26216",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-262xx/CVE-2024-26217.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-26217",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-04-09T17:15:40.640",
"lastModified": "2024-04-09T17:15:40.640",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Windows Remote Access Connection Manager Information Disclosure Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26217",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-262xx/CVE-2024-26218.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-26218",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-04-09T17:15:40.840",
"lastModified": "2024-04-09T17:15:40.840",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Windows Kernel Elevation of Privilege Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-367"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26218",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-262xx/CVE-2024-26219.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-26219",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-04-09T17:15:41.037",
"lastModified": "2024-04-09T17:15:41.037",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "HTTP.sys Denial of Service Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26219",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-262xx/CVE-2024-26220.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-26220",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-04-09T17:15:41.247",
"lastModified": "2024-04-09T17:15:41.247",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Windows Mobile Hotspot Information Disclosure Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.3,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-908"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26220",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-262xx/CVE-2024-26221.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-26221",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-04-09T17:15:41.443",
"lastModified": "2024-04-09T17:15:41.443",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Windows DNS Server Remote Code Execution Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26221",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-262xx/CVE-2024-26222.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-26222",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-04-09T17:15:41.637",
"lastModified": "2024-04-09T17:15:41.637",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Windows DNS Server Remote Code Execution Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26222",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-262xx/CVE-2024-26223.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-26223",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-04-09T17:15:41.843",
"lastModified": "2024-04-09T17:15:41.843",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Windows DNS Server Remote Code Execution Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26223",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-262xx/CVE-2024-26224.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-26224",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-04-09T17:15:42.040",
"lastModified": "2024-04-09T17:15:42.040",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Windows DNS Server Remote Code Execution Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26224",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-262xx/CVE-2024-26226.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-26226",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-04-09T17:15:42.233",
"lastModified": "2024-04-09T17:15:42.233",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Windows Distributed File System (DFS) Information Disclosure Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26226",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-262xx/CVE-2024-26227.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-26227",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-04-09T17:15:42.430",
"lastModified": "2024-04-09T17:15:42.430",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Windows DNS Server Remote Code Execution Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26227",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-262xx/CVE-2024-26228.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-26228",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-04-09T17:15:42.627",
"lastModified": "2024-04-09T17:15:42.627",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Windows Cryptographic Services Security Feature Bypass Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-310"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26228",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-262xx/CVE-2024-26229.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-26229",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-04-09T17:15:42.823",
"lastModified": "2024-04-09T17:15:42.823",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Windows CSC Service Elevation of Privilege Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-122"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26229",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-262xx/CVE-2024-26230.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-26230",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-04-09T17:15:43.027",
"lastModified": "2024-04-09T17:15:43.027",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Windows Telephony Server Elevation of Privilege Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26230",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-262xx/CVE-2024-26231.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-26231",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-04-09T17:15:43.260",
"lastModified": "2024-04-09T17:15:43.260",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Windows DNS Server Remote Code Execution Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26231",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-262xx/CVE-2024-26232.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-26232",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-04-09T17:15:43.460",
"lastModified": "2024-04-09T17:15:43.460",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.3,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-843"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26232",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-262xx/CVE-2024-26233.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-26233",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-04-09T17:15:43.650",
"lastModified": "2024-04-09T17:15:43.650",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Windows DNS Server Remote Code Execution Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26233",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-262xx/CVE-2024-26234.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-26234",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-04-09T17:15:43.853",
"lastModified": "2024-04-09T17:15:43.853",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Proxy Driver Spoofing Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-284"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26234",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-262xx/CVE-2024-26235.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-26235",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-04-09T17:15:44.040",
"lastModified": "2024-04-09T17:15:44.040",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Windows Update Stack Elevation of Privilege Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-306"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26235",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-262xx/CVE-2024-26236.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-26236",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-04-09T17:15:44.230",
"lastModified": "2024-04-09T17:15:44.230",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Windows Update Stack Elevation of Privilege Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.0,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-591"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26236",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-262xx/CVE-2024-26237.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-26237",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-04-09T17:15:44.443",
"lastModified": "2024-04-09T17:15:44.443",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Windows Defender Credential Guard Elevation of Privilege Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26237",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-262xx/CVE-2024-26239.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-26239",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-04-09T17:15:44.660",
"lastModified": "2024-04-09T17:15:44.660",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Windows Telephony Server Elevation of Privilege Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-122"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26239",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-262xx/CVE-2024-26240.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-26240",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-04-09T17:15:44.880",
"lastModified": "2024-04-09T17:15:44.880",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Secure Boot Security Feature Bypass Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.0,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.1,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26240",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-262xx/CVE-2024-26241.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-26241",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-04-09T17:15:45.073",
"lastModified": "2024-04-09T17:15:45.073",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Win32k Elevation of Privilege Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26241",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-262xx/CVE-2024-26242.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-26242",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-04-09T17:15:45.270",
"lastModified": "2024-04-09T17:15:45.270",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Windows Telephony Server Elevation of Privilege Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.0,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-591"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26242",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-262xx/CVE-2024-26243.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-26243",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-04-09T17:15:45.470",
"lastModified": "2024-04-09T17:15:45.470",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Windows USB Print Driver Elevation of Privilege Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.0,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-126"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26243",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-262xx/CVE-2024-26244.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-26244",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-04-09T17:15:45.727",
"lastModified": "2024-04-09T17:15:45.727",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Microsoft WDAC OLE DB Provider for SQL Server Remote Code Execution Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-191"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26244",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-262xx/CVE-2024-26245.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-26245",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-04-09T17:15:45.933",
"lastModified": "2024-04-09T17:15:45.933",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Windows SMB Elevation of Privilege Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26245",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-262xx/CVE-2024-26248.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-26248",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-04-09T17:15:46.120",
"lastModified": "2024-04-09T17:15:46.120",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Windows Kerberos Elevation of Privilege Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.6,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-303"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26248",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-262xx/CVE-2024-26250.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-26250",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-04-09T17:15:46.327",
"lastModified": "2024-04-09T17:15:46.327",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Secure Boot Security Feature Bypass Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-693"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26250",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-262xx/CVE-2024-26251.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-26251",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-04-09T17:15:46.523",
"lastModified": "2024-04-09T17:15:46.523",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Microsoft SharePoint Server Spoofing Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.6,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26251",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-262xx/CVE-2024-26252.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-26252",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-04-09T17:15:46.720",
"lastModified": "2024-04-09T17:15:46.720",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Windows rndismp6.sys Remote Code Execution Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "PHYSICAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-822"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26252",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-262xx/CVE-2024-26253.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-26253",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-04-09T17:15:46.930",
"lastModified": "2024-04-09T17:15:46.930",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Windows rndismp6.sys Remote Code Execution Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "PHYSICAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26253",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-262xx/CVE-2024-26254.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-26254",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-04-09T17:15:47.133",
"lastModified": "2024-04-09T17:15:47.133",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Virtual Machine Bus (VMBus) Denial of Service Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-822"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26254",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-262xx/CVE-2024-26255.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-26255",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-04-09T17:15:47.323",
"lastModified": "2024-04-09T17:15:47.323",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Windows Remote Access Connection Manager Information Disclosure Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-126"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26255",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-262xx/CVE-2024-26256.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-26256",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-04-09T17:15:47.507",
"lastModified": "2024-04-09T17:15:47.507",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "libarchive Remote Code Execution Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-122"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26256",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-262xx/CVE-2024-26257.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-26257",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-04-09T17:15:47.687",
"lastModified": "2024-04-09T17:15:47.687",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Excel Remote Code Execution Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-415"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26257",
"source": "secure@microsoft.com"
}
]
}

71
CVE-2024/CVE-2024-282xx/CVE-2024-28235.json Normal file
View File

@ -0,0 +1,71 @@
{
"id": "CVE-2024-28235",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-04-09T16:15:07.863",
"lastModified": "2024-04-09T16:15:07.863",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Contao is an open source content management system. Starting in version 4.9.0 and prior to versions 4.13.40 and 5.3.4, when checking for broken links on protected pages, Contao sends the cookie header to external urls as well, the passed options for the http client are used for all requests. Contao versions 4.13.40 and 5.3.4 have a patch for this issue. As a workaround, disable crawling protected pages."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.3,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.6,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
],
"references": [
{
"url": "https://contao.org/en/security-advisories/session-cookie-disclosure-in-the-crawler",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/contao/contao/blob/14e9ef4bc8b82936ba2d0e04164581145a075e2a/core-bundle/src/Resources/contao/classes/Crawl.php#L129",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/contao/contao/commit/73a2770e2d3535ec9f1b03d54be00e56ebb8ff16",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/contao/contao/commit/79b7620d01ce8f46ce2b331455e0d95e5208de3d",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/contao/contao/security/advisories/GHSA-9jh5-qf84-x6pr",
"source": "security-advisories@github.com"
}
]
}

55
CVE-2024/CVE-2024-288xx/CVE-2024-28896.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-28896",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-04-09T17:15:47.893",
"lastModified": "2024-04-09T17:15:47.893",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Secure Boot Security Feature Bypass Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.6,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-122"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28896",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-288xx/CVE-2024-28897.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-28897",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-04-09T17:15:48.080",
"lastModified": "2024-04-09T17:15:48.080",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Secure Boot Security Feature Bypass Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28897",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-288xx/CVE-2024-28898.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-28898",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-04-09T17:15:48.260",
"lastModified": "2024-04-09T17:15:48.260",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Secure Boot Security Feature Bypass Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.4,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-121"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28898",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-289xx/CVE-2024-28900.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-28900",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-04-09T17:15:48.447",
"lastModified": "2024-04-09T17:15:48.447",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Windows Remote Access Connection Manager Information Disclosure Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-126"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28900",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-289xx/CVE-2024-28901.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-28901",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-04-09T17:15:48.647",
"lastModified": "2024-04-09T17:15:48.647",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Windows Remote Access Connection Manager Information Disclosure Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-126"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28901",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-289xx/CVE-2024-28902.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-28902",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-04-09T17:15:48.833",
"lastModified": "2024-04-09T17:15:48.833",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Windows Remote Access Connection Manager Information Disclosure Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-126"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28902",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-289xx/CVE-2024-28903.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-28903",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-04-09T17:15:49.020",
"lastModified": "2024-04-09T17:15:49.020",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Secure Boot Security Feature Bypass Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-693"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28903",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-289xx/CVE-2024-28904.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-28904",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-04-09T17:15:49.210",
"lastModified": "2024-04-09T17:15:49.210",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Brokering File System Elevation of Privilege Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.1,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-269"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28904",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-289xx/CVE-2024-28905.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-28905",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-04-09T17:15:49.403",
"lastModified": "2024-04-09T17:15:49.403",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Brokering File System Elevation of Privilege Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.1,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-269"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28905",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-289xx/CVE-2024-28906.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-28906",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-04-09T17:15:49.593",
"lastModified": "2024-04-09T17:15:49.593",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-122"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28906",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-289xx/CVE-2024-28907.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-28907",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-04-09T17:15:49.790",
"lastModified": "2024-04-09T17:15:49.790",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Brokering File System Elevation of Privilege Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.1,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-59"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28907",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-289xx/CVE-2024-28908.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-28908",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-04-09T17:15:49.973",
"lastModified": "2024-04-09T17:15:49.973",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-122"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28908",
"source": "secure@microsoft.com"
}
]
}

Some files were not shown because too many files have changed in this diff Show More